
Prevent\Detect Dual Homing

hammerc
Level 1

Currently looking for a solution that will detect and/or disable computers that are simultaneously connected to both the wired and wireless networks within a single building. The wireless and wired networks utilize physically separate Cisco equipment for connectivity. It is not possible to install software on the node devices due to guest wireless access, so a centralized solution is required.


amritpatek
Level 6

Disable the keepalives so that there won't be any messages or capability negotiation taking place and so that there won't be any data exchanges, so disabling the workaround will give the resolution.

Is there any registry key in Windows with which we can disable the wireless NIC if the wired NIC is enabled simultaneously? Thanks.

I'm not sure if there is a registry key to do that, but I do know that Microsoft currently does not implement the capability to disable the wired in the event the wireless NIC is enabled.

Plus, with the guest computers I will not have access to manipulate their computers, which adds to the complexity of the problem of trying to analyze two completely different networks and find a similarity between both to recognize if a computer is connected to both wired and wireless connections simultaneously.

Thanks,

tstaskiewicz
Level 1

It appears that you are looking for a failover solution, if one connection doesn't work the other will. With that being the case I don't see how you are going to prevent potential dual homing and keep both interfaces poised to respond. Unfortunately there is nothing (anyway nothing I know about) that offers a spanning tree type solution at the client.

With that in mind what's the problem if both interfaces are active? Unless this is a device that can serve as a router and you don't want traffic routed, I don't see it as an issue. If there is a potential routing issue turn the cost up on the interfaces so the route would only be picked if there was no other alternative.

HTH

Tom

There is a possibility to bridge the wired and wireless NIC in XP. This is why we want to disable the wireless NIC and leave the wired NIC active.

Please advise and thanks

Cisco BPDU guard, when enabled, will disable the switchport on the wired side if it detects a PC bridging the connection. I plan on implementing this to prevent the real risk, but the tiny little issue of when they do not bridge the connections, but connect simultaneously, is the kicker. It is very difficult to find a solution to prevent this.

Thanks,

The original intent of the wireless network was not a failover solution, but I do see the correlation in that I want both networks to be accessed, just not at the same time.

The company I work for is very strict about security, and this has become a big issue. I agree that the risk is low when they are attached to both due to routing issues, but testing has discovered that when connected to both I can access all the wired resources and the local subnet of the wireless, nothing beyond that. I do not have access to guest computers when they come onsite to manipulate them, so I am trying to find a centralized solution if it exists.

Thanks,

This is a long shot, but it might be worth trying. I haven't done this so it is just a suggestion.

Are you using DHCP for both the wired and wireless environments? If so, is the same device handing out the addresses? Again, if the answer is yes, could you plug both MAC addresses into the DHCP server with the same IP address, so that when the device attaches with the first interface it will receive the IP address, and when the second interface attempts to attach the connection will be refused because the IP address is already assigned?

This is all supposition because I haven't tested this, but again it might be worth a try. If you have a mandatory IP address, I don't think there will be an attempt to issue a second address.

How are you or do you propose handling the guests? Will they be on a restricted network and how will that be implemented?

I'm doing a restricted wireless network for guests, but it is being handled by a separate AP that is configured as a DHCP server and issues addresses from a separate pool. The AP is connected to a port on my router so I can fully implement routing and isolate the guest network.

HTH

Tom

asanchezjavier
Level 1

Hi there,

Here's my solution to this problem; I hope it will be helpful. (Although perhaps a little late.)

Perhaps this method is not well polished, but it is as far as I could get.

1 - Create a scheduled task that is triggered when an event (Event Viewer) occurs.

         - The event must be the connection or disconnection of the wired network card.

         - When the event occurs, the task should run an application.

2 - The application will be a BAT file containing commands (DOS type).

   * If the cable is connected, disable the wireless with a command similar to this:

             (netsh interface set interface "Wireless Network Connection" Disable) (without the parentheses)

   * If the cable is disconnected, enable the wireless with a command similar to this:

             (netsh interface set interface "Wireless Network Connection" Enable)

Note: You must use a user with administrator privileges to run these commands.
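
The procedure described in the post above, written as a single script the scheduled task could run (an added example, not part of the original post). It assumes Windows 8 / Server 2012 or later for the NetAdapter cmdlets; `Get-WirelessAction` is a hypothetical helper name, and the adapter name is the one quoted in the post.

```powershell
#Requires -RunAsAdministrator
# Added example. Assumes Windows 8 / Server 2012 or later (NetAdapter module).
param(
    # Adapter name taken from the post; newer Windows versions usually call it "Wi-Fi".
    [string]$WirelessName = 'Wireless Network Connection'
)

function Get-WirelessAction {
    # Decide what to do with the wireless NIC; returns 'Disable', 'Enable' or 'None'.
    param([object[]]$Adapters, [string]$WirelessName)

    $wireless = $Adapters | Where-Object { $_.Name -eq $WirelessName } | Select-Object -First 1
    if (-not $wireless) { return 'None' }   # nothing to manage on this machine

    # A wired link counts only if it is physical Ethernet with link up.
    $wiredUp = @($Adapters | Where-Object {
        $_.Name -ne $WirelessName -and
        $_.PhysicalMediaType -eq '802.3' -and
        $_.Status -eq 'Up'
    }).Count -gt 0

    if ($wiredUp -and $wireless.Status -ne 'Disabled') { return 'Disable' }
    if (-not $wiredUp -and $wireless.Status -eq 'Disabled') { return 'Enable' }
    return 'None'                            # already in the desired state
}

# -Physical leaves out virtual adapters (VPN, hypervisor switches).
$adapters = @(Get-NetAdapter -Physical)
switch (Get-WirelessAction -Adapters $adapters -WirelessName $WirelessName) {
    'Disable' { Disable-NetAdapter -Name $WirelessName -Confirm:$false }
    'Enable'  { Enable-NetAdapter  -Name $WirelessName -Confirm:$false }
}
```

Because the script checks the current state before acting, it is safe to run on every link-up and link-down event, and on logon as well.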

 
